Defense Information Moves Toward a Common Ground

A U.S. Marine Corps sergeant communicates position information while on patrol in Helmand province, Afghanistan. The Defense Information Systems Agency (DISA) is striving to replace service-oriented standards with joint requirements to improve interoperability and technology innovation.

The agency in charge aims for joint requirements to replace service standards.

The Defense Information Systems Agency is striving to wrap its digital arms around the growing plethora of military data by consolidating standards and requirements. This would allow smoother technology insertion, better security and improved information interoperability—if efforts are successful.

This endeavor aims to take advantage of mobile devices, the move to the cloud and closer coordination and cooperation with industry. It also offers a way to accommodate the budget reductions that the agency and all of its customers will be facing for the foreseeable future.

The Defense Information Systems Agency’s (DISA’s) main thrust is to replace service-specific and mission requirements with joint requirements, states DISA Director Lt. Gen. Ronnie D. Hawkins Jr., USAF. The agency is taking on more enterprise-level work, he says, adding that this compares with traditional past activities that historically have seen DISA focused more on the business unit. Instead, the agency will increase its operational focus. This effort reflects both technology advances and a new mindset for battlespace networking.

“Joint force commanders are going to want to have a networked environment—not a net-centric environment, but a networked environment,” Gen. Hawkins declares. This will enable the ability to “collaborate with certainty,” which would be done at the enterprise level instead of each entity owning its own piece.

When the U.S. Defense Department eliminated the positions of J-6 and assistant secretary of defense for networks and information integration, DISA was designated to serve as a focal point for some of the responsibilities of the two billets. Gen. Hawkins allows that the agency is working more closely with the Defense Department chief information officer (CIO) and with the Joint Staff.

The general explains that DISA is working internally toward using a common framework, and for that the agency is focusing on the Information Technology Infrastructure Library (ITIL). Currently, the agency does not have a common process for its information. If successful, the agency would standardize toward an ITIL framework.

Externally, DISA wants to increase mission effectiveness to all of its customers. The metric for achieving this would be for users to view DISA’s services as transparent. “In the same way that DISA took communications off the table, we want to take information technology off the table,” the general explains. He wants users to have confidence that their computers will give them whatever connectivity they need when they switch it on.

The key to achieving that goal will be to define “the lines of demarcation” relative to the different services and to DISA itself, Gen. Hawkins continues. Those demarcations have moved, and DISA must redefine them so that it can work effectively with its customers. “In the past, you could define where DISA came up to the base/post/camp/station, and where the service took that capability from its internal to its relative service person. But now, I don’t know that you can do that,” he says. “All the way down to the edge has been blurred from the operational tactical level.”

So, DISA finds that determining what it does from the joint perspective is difficult. Many past duties no longer are necessary, and some new obligations must be defined—particularly by the customer. Accordingly, the agency must work with the services to ensure that they have the same perspective. “We have to work it jointly,” the general says. “None of us has enough resources to do what we used to do in the past. Therefore, we have to work it jointly.”

A perfect example of this approach is the Defense Enterprise Email, Gen. Hawkins points out. Email activities done by the services, defense agencies and combatant commands should be assumed by DISA as part of the joint defense enterprise, he says.

This enterprise solution does not work as well without standardized data, and DISA is working with other organizations that are trying to develop those standards. The general estimates that as much as 80 percent of the data can be standardized.

Another requisite is identified authoritative data sources. “We need to see some enforcement through policy as well as execution of where those authoritative data sources are, standardize on that data, and move out,” the general offers. “If we continue down the road we’ve been on, we will just continue to proliferate the different boxes of data.”

That enforcement may take the form of a monetary penalty. “You obviously have to get rid of/turn off—which means ‘take the money’ from—those entities that continue to go on their own,” he adds.

DISA is addressing several aspects of the evolution toward mobile communications and networking the individual warfighter. For smartphones, Gen. Hawkins relates that the agency is focusing on security. “We have to make sure we put the security around the hardware side. We do that with our security technical implementation guides [STIGs],” which are available from and run by DISA’s Program Executive Office for Information Assurance and Network Operations.

U.S. Army soldiers with the 10th Mountain Division radio enemy position information while taking fire in Logar province in Afghanistan. DISA is aiming to create a complete networked environment for joint force commanders in conflicts.

DISA has given Defense Department CIO Terry Takai its mobility strategy, which includes how it will wrap security around the different handheld devices. The general emphasizes that this security approach will not be tied to any single handheld device. Users will match each device against agency security requirements.

The agency is taking a different approach to mobile handheld software. Security will be wrapped around those applications, and ultimately they will be placed in an app store. This will allow applications to be available to more people. The general observes that standardization will allow mobile apps to operate securely on handheld devices.

“We believe that we can get all of that [secure apps process] going within the next five months, and really keep moving on to where we put it into that enterprise,” he states.

The evolution toward mobile communications will not change the agency’s thrust toward a joint enterprise solution, Gen. Hawkins notes. Data is the focus on this effort, and it will not change the enterprise effort. Yet, just as applications will be available to more individual users, information linkage will be more ubiquitous in the new networked environment.

The influx of mobile devices and their accompanying apps also will lead to a significant increase in the number of sensors being placed on the network, the general allows. With all of these different sensors entering the cyber realm, DISA must ensure standardization and security.

Device security is only a part of DISA’s cybersecurity activities, and the agency is pursuing a number of solutions across a broad field of activity. Much of this effort is linked to the agency’s enterprise approach. “The more that we centralize and place at the enterprise, the better our defensive posture is, because we can secure just that instead of secure multiple [elements],” Gen. Hawkins says.

Moving to the cloud presents a new set of challenges. Foremost among these is actually defining the cloud, the general points out. Many different views exist, and DISA is working with the Defense Department CIO to help define the cloud. The prevalent view is that different clouds exist for data, applications and software, but definitions are some distance away. DISA will be an important organization for brokering how the department moves to the cloud, the general warrants.

The budget cuts that have been defined by the Defense Department have several effects on DISA. Accordingly, the agency must ensure that it has budget transparency, Gen. Hawkins states. “When it comes time for us to be talking with our mission partners, they must trust what we say, and we have to mean what we say when it comes to costing out the capabilities that we deliver.” He believes that trust has been validated through the clean audit that the agency recently received. The next step is for DISA to use its funding—predominantly from the working capital fund—in the right way.

The agency’s joint enterprise approach should generate significant savings. “The number of defense-in-depth capabilities that each service has employed is astronomical,” Gen. Hawkins declares. “So, reducing that while still providing security will result in a reduction in systems administrators, in firewalls, in servers—while adding virtualization of capability, putting programs and data into the cloud—will be effective in reducing the budget.”

The general notes that people are expecting some savings to be realized through increased efficiencies and more effective use of information technology. While that can happen, it does not happen overnight, he emphasizes. Bringing in new capabilities that can bring about those efficiencies will introduce startup costs, and the agency must take that into consideration.

“When we start talking about the ‘budget reduction,’ we must be cautious about where we say we are going to apply it,” Gen. Hawkins warns. If that reduction is applied to a mission partner, that partner may turn around and tell DISA that its budget is reduced as well.

“I don’t see us necessarily reducing our budget—the working capital fund—because of the mission set,” he says. “We pay for what we do; and the users are requiring more of us, so I don’t believe that you are going to see that working capital fund go down.”

However, operations and maintenance accounts are likely to decline. The agency will need to monitor those activities carefully, particularly in terms of managing the number of personnel and ensuring their efficiency.

Gen. Hawkins emphasizes that DISA must be careful about how it shows its cost savings. Sometimes, reported savings are immediately deducted from future budgets, but those savings may not be realized for several years. Reducing budget funding before savings are actually realized happens all too often, and the agency must ensure that it does not lay the groundwork for that problem.

With this future defined by limited resources, Gen. Hawkins calls for close cooperation between DISA and industry. Research and development funding in particular will be tight, and industry can contribute solutions to the agency’s challenges. The two sectors should avoid duplicating efforts and instead invest their research and development money in complementary efforts, the general continues. The DISA service catalog addresses the agency’s future, and this technology road map can help direct industry down the right research path. “We have to work in concert with industry on research and development versus guessing at it,” he says.

Share Your Thoughts:

Analysis, economical accurate analysis, would eliminate the need for a lot of data and pinpoint the direction of collection of data. I think brilliant anlysts can code (or have coded) their techniques and perspectives and automate them. Relevancy would eliminate a large percentage of data and zero in on the appropriate data to solve a problem. The issue isn't acquiring data, or standardizing it, it's what is done with it after it's acquired. The most brilliant analysts must lead the way and their techniques and thought processes are what should be distilled and employed.

Featured Blog

U.S. Secretary of Commerce Penny Pritzker has announced the first 26 recipients of the 2014 Regional Innovation Strategies program grants as part of a new initiative designed to advance innovation and capacity-building activities across the country.